Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.mft
File:                     nXXPbGAZ8FnkZeTesgTNJCvUtGU.mft (raw, json)
Hash identifier:          PEO8XuistJKIZIAfolz6eqrykSDVbciGili0+vqZ+9w=
Subject key identifier:   82:15:12:30:9E:DE:0A:6F:24:E9:11:6F:DD:C5:89:95:00:24:8B:19
Authority key identifier: 9D:75:CF:6C:60:19:F0:59:E4:65:E4:DE:B2:04:CD:24:2B:D4:B4:65
Certificate issuer:       /CN=9d75cf6c6019f059e465e4deb204cd242bd4b465
Certificate serial:       0199FC8F8EA518DC563417A9E9C67511775B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nXXPbGAZ8FnkZeTesgTNJCvUtGU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.mft
Manifest number:          1304
Signing time:             Sun 19 Oct 2025 13:01:30 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:30 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:30 +0000
Files and hashes:         1: k3gz5duj9CFhYELeViKRfCBvdLQ.roa (hash: sqXEDoIPEFamPJfQ+MXgutDdyy3EAS9+6SZZLlnP/eE=)
                          2: nXXPbGAZ8FnkZeTesgTNJCvUtGU.crl (hash: Pg5IcGo9U+lWMaGgcFIP3VDKSndGilgqpAZmI2Is8wM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nXXPbGAZ8FnkZeTesgTNJCvUtGU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:8e:a5:18:dc:56:34:17:a9:e9:c6:75:11:77:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d75cf6c6019f059e465e4deb204cd242bd4b465
        Validity
            Not Before: Oct 19 13:01:30 2025 GMT
            Not After : Oct 20 13:01:30 2025 GMT
        Subject: CN=821512309ede0a6f24e9116fddc5899500248b19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:77:7c:03:fb:07:14:f1:2b:87:65:c0:82:f9:
                    37:db:9f:3f:cf:17:90:72:06:1f:df:fe:ec:f7:95:
                    a4:04:76:79:53:15:7c:0c:58:56:81:fa:2f:36:61:
                    b6:c9:03:4a:d2:87:0c:88:d4:c4:db:17:42:9b:43:
                    69:d3:78:9f:55:af:4c:26:90:d4:71:3a:3c:62:db:
                    1b:e0:31:9b:57:c3:54:3e:71:e4:77:ee:ba:3a:72:
                    c5:f8:58:90:66:c6:8e:41:d3:c1:dd:7f:e5:9d:4c:
                    9b:be:78:c0:9c:12:bb:77:0b:ce:9f:a8:8f:24:8b:
                    b3:57:52:aa:82:ac:cc:c9:9d:a9:d4:29:4c:e3:cc:
                    c2:22:83:e9:c8:14:26:85:89:1c:50:af:eb:ee:0d:
                    2b:b1:74:e2:11:50:38:ae:09:63:f5:36:c2:97:de:
                    e9:8e:d1:16:4a:7d:ea:ad:8b:18:c7:66:5d:68:9e:
                    a5:5b:ae:36:70:9a:5a:8c:fb:72:35:63:26:3c:da:
                    00:bd:a8:80:9d:7d:33:7b:0c:13:5b:ee:f9:83:b3:
                    90:b0:d6:5e:c5:20:15:f5:8e:97:c8:46:1b:51:93:
                    28:86:d9:c3:0c:b9:bd:ea:93:02:38:42:e1:21:86:
                    be:64:54:5d:e8:47:e0:ab:53:dd:c2:be:08:3c:98:
                    44:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:15:12:30:9E:DE:0A:6F:24:E9:11:6F:DD:C5:89:95:00:24:8B:19
            X509v3 Authority Key Identifier:
                keyid:9D:75:CF:6C:60:19:F0:59:E4:65:E4:DE:B2:04:CD:24:2B:D4:B4:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nXXPbGAZ8FnkZeTesgTNJCvUtGU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:02:4b:c5:0f:bc:58:ab:a6:fa:e5:59:ec:39:39:4c:95:e1:
         fb:5b:24:3d:7d:a4:59:11:ea:14:03:82:a6:a9:59:10:c7:bc:
         78:25:15:e7:45:e8:77:52:9d:c8:d5:c7:64:c2:44:a7:df:10:
         7e:0f:aa:31:25:6a:6d:59:2c:0e:25:8a:b6:90:0e:a4:d1:c8:
         41:12:1b:64:4c:60:55:5f:7c:ad:38:94:d6:65:9d:cc:5d:2f:
         99:68:bb:ab:86:e5:a0:dd:c0:d9:90:88:65:61:47:91:9a:bb:
         be:cf:89:81:ca:45:be:b6:1f:52:50:58:6b:d9:6a:03:0a:97:
         fc:10:b6:44:11:34:95:58:19:a1:63:31:45:e7:ba:f5:91:22:
         76:a5:08:74:71:7a:38:84:77:6c:5c:8b:7e:65:0e:e1:3e:09:
         41:d1:c7:6d:04:ab:cf:00:01:fa:b1:81:38:9c:4f:6a:98:b9:
         27:24:bc:0f:6a:0e:7a:48:16:de:52:3f:47:7a:a7:59:10:f6:
         97:fa:74:61:06:88:03:ed:3e:b5:2f:08:67:dd:4c:35:fd:b7:
         4e:2f:84:95:53:7c:f0:19:cf:60:25:62:8d:17:bf:cc:20:f2:
         9a:2c:dc:ac:97:ba:54:14:5e:8d:27:53:0a:89:2d:6c:f3:f0:
         ed:e8:3f:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j46lGNxWNBep6cZ1EXdbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNzVjZjZjNjAxOWYwNTllNDY1ZTRkZWIyMDRjZDI0MmJk
NGI0NjUwHhcNMjUxMDE5MTMwMTMwWhcNMjUxMDIwMTMwMTMwWjAzMTEwLwYDVQQD
Eyg4MjE1MTIzMDllZGUwYTZmMjRlOTExNmZkZGM1ODk5NTAwMjQ4YjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHd8A/sHFPErh2XAgvk3258/zxeQ
cgYf3/7s95WkBHZ5UxV8DFhWgfovNmG2yQNK0ocMiNTE2xdCm0Np03ifVa9MJpDU
cTo8Ytsb4DGbV8NUPnHkd+66OnLF+FiQZsaOQdPB3X/lnUybvnjAnBK7dwvOn6iP
JIuzV1KqgqzMyZ2p1ClM48zCIoPpyBQmhYkcUK/r7g0rsXTiEVA4rglj9TbCl97p
jtEWSn3qrYsYx2ZdaJ6lW642cJpajPtyNWMmPNoAvaiAnX0zewwTW+75g7OQsNZe
xSAV9Y6XyEYbUZMohtnDDLm96pMCOELhIYa+ZFRd6Efgq1Pdwr4IPJhEiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIIVEjCe3gpvJOkRb93FiZUAJIsZMB8GA1UdIwQY
MBaAFJ11z2xgGfBZ5GXk3rIEzSQr1LRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblhYUGJHQVo4Rm5rWmVUZXNnVE5KQ3ZVdEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9kMDRmMWItMDc0Yy00OTVlLWE0MzEt
NzZiMWFlNjJmMDcyLzEvblhYUGJHQVo4Rm5rWmVUZXNnVE5KQ3ZVdEdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9kMDRmMWItMDc0Yy00OTVlLWE0MzEtNzZiMWFlNjJmMDcy
LzEvblhYUGJHQVo4Rm5rWmVUZXNnVE5KQ3ZVdEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADQJLxQ+8
WKum+uVZ7Dk5TJXh+1skPX2kWRHqFAOCpqlZEMe8eCUV50Xod1KdyNXHZMJEp98Q
fg+qMSVqbVksDiWKtpAOpNHIQRIbZExgVV98rTiU1mWdzF0vmWi7q4bloN3A2ZCI
ZWFHkZq7vs+JgcpFvrYfUlBYa9lqAwqX/BC2RBE0lVgZoWMxRee69ZEidqUIdHF6
OIR3bFyLfmUO4T4JQdHHbQSrzwAB+rGBOJxPapi5JyS8D2oOekgW3lI/R3qnWRD2
l/p0YQaIA+0+tS8IZ91MNf23Ti+ElVN88BnPYCVijRe/zCDymizcrJe6VBRejSdT
CoktbPPw7eg/+Q==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:33:57 2025 by rpki-client